WhatsApp, security in the balance: rapid updating is crucial

A very dangerous bug for WhatsApp. Indeed two. And the only way around the problem is to upgrade. Mostly the automatic one is enough.

In the second half of the nineteenth century, a good number of intellectuals looked to technological advances as something potentially uncontrollable.

Today that sensation seems to have vanished, almost replaced by an intoxicating sensation of constant novelty, with communicative “power” concentrated in tiny but extremely powerful devices. For heaven’s sake, there are still those who look with perplexity at contemporary technologies but it is undeniable that the impact on society is much greater. Because if the upgrading of industries yes, it has an impact on work but it essentially concerns those able to invest in machinery and production activities, create a social channel from scratch and gain a following of millions of fans is something that, at least apparently, seems within everyone’s reach. The web is not only mass distraction of course, but a sort of dark side if it reserves it.

Not necessarily in reference to the deep web or any other illegal practice. Simply, although at first everything seems easy enough even for the less accustomed to new tech, we don’t always have a real understanding of the mechanisms that regulate our devices. Algorithms, processors, electronic brains: the modern “Creatures of Frankenstein” they are assembled through components that, to non-experts, remain completely foreign, if not known to very large lines. And this applies to everything: from smartphones and company to the applications used. Including the most popular, such as WhatsApp.

WhatsApp, the bug scares: here is the save-chat update

A word known to experts, for example, is “bug”. Insect, literally translated from English. A computer defect for those accustomed to electronic systems. A rare case (but not too much) that can also concern very widely used applications. And one of these errors would be concerning the famous WhatsApp (by the way not new to cyber attacks), where not only our private conversations travel but, not infrequently, also documents and files of great importance. Just as much to remember as such apps are now part in an almost visceral way of our daily life. The bug in question would potentially affect both the app installed on Android and iOS systems and would be of such magnitude as to jeopardize the security of the 2 billion people who use WhatsApp. In reality, the “holes” in the protection system would be two.

Meta’s social network has made it known that it has identified the two flaws, cataloged respectively with the codes CVE 2022-27492 and CVE-2022-36934. Both would be extremely dangerous, especially the second, with a score of 9.8 out of 10 in terms of system vulnerability (7.8 the first). In practice, a skilled hacker could exploit the bug to execute arbitrarily any type of code and on any device that has WhatsApp installed. Both defects reveal the side of the video format, which is increasingly used. The 27492, for example, is activated with a video edited and sent to the user while the 36934, much more dangerous, takes advantage of video calls. These flaws could be resolved through an update that WhatsApp is about to make available, while indicating which versions are already protected from patches and hacker attacks. In particular:

• WhatsApp for Android v2.22.16.2 and for iOS v2.22.15.9;
• WhatsApp Business for Android v2.22.16.12 and for iOS v2.22.16.12.

Generally, the app updates automatically and, for this reason, it is more than likely that the versions in question are already installed on our device. A small check, however, would remove any doubts.